ef69257a4702d9c9cf708ad65283273febb3ea91bc8d5e1103c5fe56b17e2826 | Triage

Sharing

General

Target

ef69257a4702d9c9cf708ad65283273febb3ea91bc8d5e1103c5fe56b17e2826
Size

1.9MB
MD5

ee5a762fcaa9ce0cbce2d2283e94569a
SHA1

5c4218a90acc8167048f470daaa2d672b48e19cd
SHA256

ef69257a4702d9c9cf708ad65283273febb3ea91bc8d5e1103c5fe56b17e2826
SHA512

c76aca735f3492b4f2ed82ab468b13178dec4780896ad3296525972f735f605c6b17a46faaf06e9c37b5c42d8aa86ed6d61ce6e1b467d080288b14a061f606f2
SSDEEP

49152:i3/bnMy2bCyPeZ6kkYfGarwlwj9qiATTOAZP6:ijnMy2bCyK6cGari69qiATpS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
ef69257a4702d9c9cf708ad65283273febb3ea91bc8d5e1103c5fe56b17e2826

Files

ef69257a4702d9c9cf708ad65283273febb3ea91bc8d5e1103c5fe56b17e2826
.exe windows:6 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 183KB - Virtual size: 408KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

jlzdbmme
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bfgudfni
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE